Ultimate access to all questions.
Upgrade Now 🚀
Sign in to unlock AI tutor
Your AWS environment has detected suspicious activity on an EC2 instance. According to the AWS Security Incident Response Guide, what initial steps should be taken to isolate the compromised resource and prevent further damage?
A
Immediately terminate the instance and delete all associated EBS volumes.
B
Isolate the instance by removing it from the security group and network ACLs, then perform a root cause analysis.
C
Reboot the instance and monitor the logs for any unusual activity.
D
Increase the instance type to a larger size to handle potential increased load from the attack.
